enmi-conf.org: comparison wp/wp-includes/class-smtp.php

equal deleted inserted replaced

-:490d5cc509ed
+:cf61fcea0001
 <?php
 /**
 * PHPMailer RFC821 SMTP email transport class.
-* Version 5.2.7
+* PHP Version 5
-* PHP version 5.0.0
+* @package PHPMailer
-* @category  PHP
+* @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
-* @package   PHPMailer
+* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
-* @link      https://github.com/PHPMailer/PHPMailer/
-* @author Marcus Bointon (coolbru) <phpmailer@synchromedia.co.uk>
 * @author Jim Jagielski (jimjag) <jimjag@gmail.com>
 * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
-* @copyright 2013 Marcus Bointon
+* @author Brent R. Matzelle (original founder)
-* @copyright 2004 - 2008 Andy Prevost
+* @copyright 2014 Marcus Bointon
 * @copyright 2010 - 2012 Jim Jagielski
-* @license   http://www.gnu.org/copyleft/lesser.html Distributed under the Lesser General Public License (LGPL)
+* @copyright 2004 - 2009 Andy Prevost
+* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
+* @note This program is distributed in the hope that it will be useful - WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+* FITNESS FOR A PARTICULAR PURPOSE.
 */
 /**
 * PHPMailer RFC821 SMTP email transport class.
-*
+* Implements RFC 821 SMTP commands and provides some utility methods for sending mail to an SMTP server.
-* Implements RFC 821 SMTP commands
+* @package PHPMailer
-* and provides some utility methods for sending mail to an SMTP server.
+* @author Chris Ryan
-*
+* @author Marcus Bointon <phpmailer@synchromedia.co.uk>
-* PHP Version 5.0.0
-*
-* @category PHP
-* @package  PHPMailer
-* @link     https://github.com/PHPMailer/PHPMailer/blob/master/class.smtp.php
-* @author   Chris Ryan <unknown@example.com>
-* @author   Marcus Bointon <phpmailer@synchromedia.co.uk>
-* @license  http://www.gnu.org/copyleft/lesser.html Distributed under the Lesser General Public License (LGPL)
 */
 class SMTP
 {
 /**
+* The PHPMailer SMTP version number.
+* @var string
+*/
+const VERSION = '5.2.22';
+/**
+* SMTP line break constant.
+* @var string
+*/
+const CRLF = "\r\n";
+/**
+* The SMTP port to use if one is not specified.
+* @var integer
+*/
+const DEFAULT_SMTP_PORT = 25;
+/**
+* The maximum line length allowed by RFC 2822 section 2.1.1
+* @var integer
+*/
+const MAX_LINE_LENGTH = 998;
+/**
+* Debug level for no output
+*/
+const DEBUG_OFF = 0;
+/**
+* Debug level to show client -> server messages
+*/
+const DEBUG_CLIENT = 1;
+/**
+* Debug level to show client -> server and server -> client messages
+*/
+const DEBUG_SERVER = 2;
+/**
+* Debug level to show connection status, client -> server and server -> client messages
+*/
+const DEBUG_CONNECTION = 3;
+/**
+* Debug level to show all messages
+*/
+const DEBUG_LOWLEVEL = 4;
+/**
 * The PHPMailer SMTP Version number.
-*/
+* @var string
-const VERSION = '5.2.7';
+* @deprecated Use the `VERSION` constant instead
-/**
-* SMTP line break constant.
-*/
-const CRLF = "\r\n";
-/**
-* The SMTP port to use if one is not specified.
-*/
-const DEFAULT_SMTP_PORT = 25;
-/**
-* The PHPMailer SMTP Version number.
-* @type string
-* @deprecated This should be a constant
 * @see SMTP::VERSION
 */
-public $Version = '5.2.7';
+public $Version = '5.2.22';
 /**
 * SMTP server port number.
-* @type int
+* @var integer
-* @deprecated This is only ever ued as default value, so should be a constant
+* @deprecated This is only ever used as a default value, so use the `DEFAULT_SMTP_PORT` constant instead
 * @see SMTP::DEFAULT_SMTP_PORT
 */
 public $SMTP_PORT = 25;
 /**
-* SMTP reply line ending
+* SMTP reply line ending.
-* @type string
+* @var string
-* @deprecated Use the class constant instead
+* @deprecated Use the `CRLF` constant instead
 * @see SMTP::CRLF
 */
 public $CRLF = "\r\n";
 /**
 * Debug output level.
-* Options: 0 for no output, 1 for commands, 2 for data and commands
+* Options:
-* @type int
+* * self::DEBUG_OFF (`0`) No debug output, default
-*/
+* * self::DEBUG_CLIENT (`1`) Client commands
-public $do_debug = 0;
+* * self::DEBUG_SERVER (`2`) Client commands and server responses
+* * self::DEBUG_CONNECTION (`3`) As DEBUG_SERVER plus connection status
-/**
+* * self::DEBUG_LOWLEVEL (`4`) Low-level data output, all messages
-* The function/method to use for debugging output.
+* @var integer
-* Options: 'echo', 'html' or 'error_log'
+*/
-* @type string
+public $do_debug = self::DEBUG_OFF;
+/**
+* How to handle debug output.
+* Options:
+* * `echo` Output plain-text as-is, appropriate for CLI
+* * `html` Output escaped, line breaks converted to `<br>`, appropriate for browser output
+* * `error_log` Output to error log as configured in php.ini
+*
+* Alternatively, you can provide a callable expecting two params: a message string and the debug level:
+* <code>
+* $smtp->Debugoutput = function($str, $level) {echo "debug level $level; message: $str";};
+* </code>
+* @var string|callable
 */
 public $Debugoutput = 'echo';
 /**
 * Whether to use VERP.
-* @type bool
+* @link http://en.wikipedia.org/wiki/Variable_envelope_return_path
+* @link http://www.postfix.org/VERP_README.html Info on VERP
+* @var boolean
 */
 public $do_verp = false;
 /**
-* The SMTP timeout value for reads, in seconds.
+* The timeout value for connection, in seconds.
-* @type int
+* Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
-*/
+* This needs to be quite high to function correctly with hosts using greetdelay as an anti-spam measure.
-public $Timeout = 15;
+* @link http://tools.ietf.org/html/rfc2821#section-4.5.3.2
+* @var integer
-/**
+*/
-* The SMTP timelimit value for reads, in seconds.
+public $Timeout = 300;
-* @type int
-*/
+/**
-public $Timelimit = 30;
+* How long to wait for commands to complete, in seconds.
+* Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
+* @var integer
+*/
+public $Timelimit = 300;
+	/**
+	 * @var array patterns to extract smtp transaction id from smtp reply
+	 * Only first capture group will be use, use non-capturing group to deal with it
+	 * Extend this class to override this property to fulfil your needs.
+	 */
+	protected $smtp_transaction_id_patterns = array(
+		'exim' => '/[0-9]{3} OK id=(.*)/',
+		'sendmail' => '/[0-9]{3} 2.0.0 (.*) Message/',
+		'postfix' => '/[0-9]{3} 2.0.0 Ok: queued as (.*)/'
+	);
 /**
 * The socket for the server connection.
-* @type resource
+* @var resource
 */
 protected $smtp_conn;
 /**
-* Error message, if any, for the last call.
+* Error information, if any, for the last SMTP command.
-* @type string
+* @var array
 */
-protected $error = '';
+protected $error = array(
+'error' => '',
+'detail' => '',
+'smtp_code' => '',
+'smtp_code_ex' => ''
+);
 /**
 * The reply the server sent to us for HELO.
-* @type string
+* If null, no HELO string has yet been received.
-*/
+* @var string|null
-protected $helo_rply = '';
+*/
+protected $helo_rply = null;
+/**
+* The set of SMTP extensions sent in reply to EHLO command.
+* Indexes of the array are extension names.
+* Value at index 'HELO' or 'EHLO' (according to command that was sent)
+* represents the server name. In case of HELO it is the only element of the array.
+* Other values can be boolean TRUE or an array containing extension options.
+* If null, no HELO/EHLO string has yet been received.
+* @var array|null
+*/
+protected $server_caps = null;
 /**
 * The most recent reply received from the server.
-* @type string
+* @var string
 */
 protected $last_reply = '';
 /**
-* Constructor.
-* @access public
-*/
-public function __construct()
-{
-$this->smtp_conn = 0;
-$this->error = null;
-$this->helo_rply = null;
-$this->do_debug = 0;
-}
-/**
 * Output debugging info via a user-selected method.
+* @see SMTP::$Debugoutput
+* @see SMTP::$do_debug
 * @param string $str Debug string to output
+* @param integer $level The debug level of this message; see DEBUG_* constants
 * @return void
 */
-protected function edebug($str)
+protected function edebug($str, $level = 0)
 {
+if ($level > $this->do_debug) {
+return;
+}
+//Avoid clash with built-in function names
+if (!in_array($this->Debugoutput, array('error_log', 'html', 'echo')) and is_callable($this->Debugoutput)) {
+call_user_func($this->Debugoutput, $str, $level);
+return;
+}
 switch ($this->Debugoutput) {
 case 'error_log':
 //Don't output, just log
 error_log($str);
 break;
 )
 . "<br>\n";
 break;
 case 'echo':
 default:
-//Just echoes whatever was received
+//Normalize line breaks
-echo $str;
+$str = preg_replace('/(\r\n|\r|\n)/ms', "\n", $str);
+echo gmdate('Y-m-d H:i:s') . "\t" . str_replace(
+"\n",
+"\n                   \t                  ",
+trim($str)
+)."\n";
 }
 }
 /**
 * Connect to an SMTP server.
-* @param string $host    SMTP server IP or host name
+* @param string $host SMTP server IP or host name
-* @param int $port    The port number to connect to
+* @param integer $port The port number to connect to
-* @param int $timeout How long to wait for the connection to open
+* @param integer $timeout How long to wait for the connection to open
 * @param array $options An array of options for stream_context_create()
 * @access public
-* @return bool
+* @return boolean
 */
 public function connect($host, $port = null, $timeout = 30, $options = array())
 {
+static $streamok;
+//This is enabled by default since 5.0.0 but some providers disable it
+//Check this once and cache the result
+if (is_null($streamok)) {
+$streamok = function_exists('stream_socket_client');
+}
 // Clear errors to avoid confusion
-$this->error = null;
+$this->setError('');
 // Make sure we are __not__ connected
 if ($this->connected()) {
 // Already connected, generate error
-$this->error = array('error' => 'Already connected to a server');
+$this->setError('Already connected to a server');
 return false;
 }
 if (empty($port)) {
 $port = self::DEFAULT_SMTP_PORT;
 }
 // Connect to the SMTP server
+$this->edebug(
+"Connection: opening to $host:$port, timeout=$timeout, options=".var_export($options, true),
+self::DEBUG_CONNECTION
+);
 $errno = 0;
 $errstr = '';
-$socket_context = stream_context_create($options);
+if ($streamok) {
-//Suppress errors; connection failures are handled at a higher level
+$socket_context = stream_context_create($options);
-$this->smtp_conn = @stream_socket_client(
+set_error_handler(array($this, 'errorHandler'));
-$host . ":" . $port,
+$this->smtp_conn = stream_socket_client(
-$errno,
+$host . ":" . $port,
-$errstr,
+$errno,
-$timeout,
+$errstr,
-STREAM_CLIENT_CONNECT,
+$timeout,
-$socket_context
+STREAM_CLIENT_CONNECT,
-);
+$socket_context
+);
+restore_error_handler();
+} else {
+//Fall back to fsockopen which should work in more places, but is missing some features
+$this->edebug(
+"Connection: stream_socket_client not available, falling back to fsockopen",
+self::DEBUG_CONNECTION
+);
+set_error_handler(array($this, 'errorHandler'));
+$this->smtp_conn = fsockopen(
+$host,
+$port,
+$errno,
+$errstr,
+$timeout
+);
+restore_error_handler();
+}
 // Verify we connected properly
-if (empty($this->smtp_conn)) {
+if (!is_resource($this->smtp_conn)) {
-$this->error = array(
+$this->setError(
-'error' => 'Failed to connect to server',
+'Failed to connect to server',
-'errno' => $errno,
+$errno,
-'errstr' => $errstr
+$errstr
 );
-if ($this->do_debug >= 1) {
+$this->edebug(
-$this->edebug(
+'SMTP ERROR: ' . $this->error['error']
-'SMTP -> ERROR: ' . $this->error['error']
+. ": $errstr ($errno)",
-. ": $errstr ($errno)"
+self::DEBUG_CLIENT
 );
-}
 return false;
 }
+$this->edebug('Connection: opened', self::DEBUG_CONNECTION);
 // SMTP server can take longer to respond, give longer timeout for first read
 // Windows does not have support for this timeout function
 if (substr(PHP_OS, 0, 3) != 'WIN') {
 $max = ini_get('max_execution_time');
-if ($max != 0 && $timeout > $max) { // Don't bother if unlimited
+// Don't bother if unlimited
+if ($max != 0 && $timeout > $max) {
 @set_time_limit($timeout);
 }
 stream_set_timeout($this->smtp_conn, $timeout, 0);
 }
 // Get any announcement
 $announce = $this->get_lines();
+$this->edebug('SERVER -> CLIENT: ' . $announce, self::DEBUG_SERVER);
-if ($this->do_debug >= 2) {
-$this->edebug('SMTP -> FROM SERVER:' . $announce);
-}
 return true;
 }
 /**
 * Initiate a TLS (encrypted) session.
 * @access public
-* @return bool
+* @return boolean
 */
 public function startTLS()
 {
-if (!$this->sendCommand("STARTTLS", "STARTTLS", 220)) {
+if (!$this->sendCommand('STARTTLS', 'STARTTLS', 220)) {
 return false;
 }
+//Allow the best TLS version(s) we can
+$crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+//PHP 5.6.7 dropped inclusion of TLS 1.1 and 1.2 in STREAM_CRYPTO_METHOD_TLS_CLIENT
+//so add them back in manually if we can
+if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) {
+$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
+$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;
+}
 // Begin encrypted connection
 if (!stream_socket_enable_crypto(
 $this->smtp_conn,
 true,
-STREAM_CRYPTO_METHOD_TLS_CLIENT
+$crypto_method
-)
+)) {
-) {
 return false;
 }
 return true;
 }
 /**
 * Perform SMTP authentication.
 * Must be run after hello().
 * @see hello()
-* @param string $username    The user name
+* @param string $username The user name
-* @param string $password    The password
+* @param string $password The password
-* @param string $authtype    The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5)
+* @param string $authtype The auth type (PLAIN, LOGIN, CRAM-MD5)
-* @param string $realm       The auth realm for NTLM
+* @param string $realm The auth realm for NTLM
 * @param string $workstation The auth workstation for NTLM
-* @access public
+* @param null|OAuth $OAuth An optional OAuth instance (@see PHPMailerOAuth)
-* @return bool True if successfully authenticated.
+* @return bool True if successfully authenticated.* @access public
 */
 public function authenticate(
 $username,
 $password,
-$authtype = 'LOGIN',
+$authtype = null,
 $realm = '',
-$workstation = ''
+$workstation = '',
+$OAuth = null
 ) {
-if (empty($authtype)) {
+if (!$this->server_caps) {
+$this->setError('Authentication is not allowed before HELO/EHLO');
+return false;
+}
+if (array_key_exists('EHLO', $this->server_caps)) {
+// SMTP extensions are available. Let's try to find a proper authentication method
+if (!array_key_exists('AUTH', $this->server_caps)) {
+$this->setError('Authentication is not allowed at this stage');
+// 'at this stage' means that auth may be allowed after the stage changes
+// e.g. after STARTTLS
+return false;
+}
+self::edebug('Auth method requested: ' . ($authtype ? $authtype : 'UNKNOWN'), self::DEBUG_LOWLEVEL);
+self::edebug(
+'Auth methods available on the server: ' . implode(',', $this->server_caps['AUTH']),
+self::DEBUG_LOWLEVEL
+);
+if (empty($authtype)) {
+foreach (array('CRAM-MD5', 'LOGIN', 'PLAIN') as $method) {
+if (in_array($method, $this->server_caps['AUTH'])) {
+$authtype = $method;
+break;
+}
+}
+if (empty($authtype)) {
+$this->setError('No supported authentication methods found');
+return false;
+}
+self::edebug('Auth method selected: '.$authtype, self::DEBUG_LOWLEVEL);
+}
+if (!in_array($authtype, $this->server_caps['AUTH'])) {
+$this->setError("The requested authentication method \"$authtype\" is not supported by the server");
+return false;
+}
+} elseif (empty($authtype)) {
 $authtype = 'LOGIN';
 }
 switch ($authtype) {
 case 'PLAIN':
 // Start authentication
 if (!$this->sendCommand('AUTH', 'AUTH PLAIN', 334)) {
 return false;
 }
 if (!$this->sendCommand("Password", base64_encode($password), 235)) {
 return false;
 }
 break;
-case 'NTLM':
-/*
-* ntlm_sasl_client.php
-* Bundled with Permission
-*
-* How to telnet in windows:
-* http://technet.microsoft.com/en-us/library/aa995718%28EXCHG.65%29.aspx
-* PROTOCOL Docs http://curl.haxx.se/rfc/ntlm.html#ntlmSmtpAuthentication
-*/
-require_once 'extras/ntlm_sasl_client.php';
-$temp = new stdClass();
-$ntlm_client = new ntlm_sasl_client_class;
-//Check that functions are available
-if (!$ntlm_client->Initialize($temp)) {
-$this->error = array('error' => $temp->error);
-if ($this->do_debug >= 1) {
-$this->edebug(
-'You need to enable some modules in your php.ini file: '
-. $this->error['error']
-);
-}
-return false;
-}
-//msg1
-$msg1 = $ntlm_client->TypeMsg1($realm, $workstation); //msg1
-if (!$this->sendCommand(
-'AUTH NTLM',
-'AUTH NTLM ' . base64_encode($msg1),
-334
-)
-) {
-return false;
-}
-//Though 0 based, there is a white space after the 3 digit number
-//msg2
-$challenge = substr($this->last_reply, 3);
-$challenge = base64_decode($challenge);
-$ntlm_res = $ntlm_client->NTLMResponse(
-substr($challenge, 24, 8),
-$password
-);
-//msg3
-$msg3 = $ntlm_client->TypeMsg3(
-$ntlm_res,
-$username,
-$realm,
-$workstation
-);
-// send encoded username
-return $this->sendCommand('Username', base64_encode($msg3), 235);
-break;
 case 'CRAM-MD5':
 // Start authentication
 if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) {
 return false;
 }
 // Build the response
 $response = $username . ' ' . $this->hmac($challenge, $password);
 // send encoded credentials
 return $this->sendCommand('Username', base64_encode($response), 235);
-break;
+default:
+$this->setError("Authentication method \"$authtype\" is not supported");
+return false;
 }
 return true;
 }
 /**
 // RFC 2104 HMAC implementation for php.
 // Creates an md5 HMAC.
 // Eliminates the need to install mhash to compute a HMAC
 // by Lance Rushing
-$b = 64; // byte length for md5
+$bytelen = 64; // byte length for md5
-if (strlen($key) > $b) {
+if (strlen($key) > $bytelen) {
 $key = pack('H*', md5($key));
 }
-$key = str_pad($key, $b, chr(0x00));
+$key = str_pad($key, $bytelen, chr(0x00));
-$ipad = str_pad('', $b, chr(0x36));
+$ipad = str_pad('', $bytelen, chr(0x36));
-$opad = str_pad('', $b, chr(0x5c));
+$opad = str_pad('', $bytelen, chr(0x5c));
 $k_ipad = $key ^ $ipad;
 $k_opad = $key ^ $opad;
 return md5($k_opad . pack('H*', md5($k_ipad . $data)));
 }
 /**
 * Check connection state.
 * @access public
-* @return bool True if connected.
+* @return boolean True if connected.
 */
 public function connected()
 {
-if (!empty($this->smtp_conn)) {
+if (is_resource($this->smtp_conn)) {
 $sock_status = stream_get_meta_data($this->smtp_conn);
 if ($sock_status['eof']) {
-// the socket is valid but we are not connected
+// The socket is valid but we are not connected
-if ($this->do_debug >= 1) {
+$this->edebug(
-$this->edebug(
+'SMTP NOTICE: EOF caught while checking if connected',
-'SMTP -> NOTICE: EOF caught while checking if connected'
+self::DEBUG_CLIENT
 );
-}
 $this->close();
 return false;
 }
 return true; // everything looks good
 }
 * @access public
 * @return void
 */
 public function close()
 {
-$this->error = null; // so there is no confusion
+$this->setError('');
+$this->server_caps = null;
 $this->helo_rply = null;
-if (!empty($this->smtp_conn)) {
+if (is_resource($this->smtp_conn)) {
 // close the connection and cleanup
 fclose($this->smtp_conn);
-$this->smtp_conn = 0;
+$this->smtp_conn = null; //Makes for cleaner serialization
+$this->edebug('Connection: closed', self::DEBUG_CONNECTION);
 }
 }
 /**
 * Send an SMTP DATA command.
 * on a single line followed by a <CRLF> with the message headers
 * and the message body being separated by and additional <CRLF>.
 * Implements rfc 821: DATA <CRLF>
 * @param string $msg_data Message data to send
 * @access public
-* @return bool
+* @return boolean
 */
 public function data($msg_data)
 {
+//This will use the standard timelimit
 if (!$this->sendCommand('DATA', 'DATA', 354)) {
 return false;
 }
 /* The server is ready to accept data!
-* according to rfc821 we should not send more than 1000
+* According to rfc821 we should not send more than 1000 characters on a single line (including the CRLF)
-* including the CRLF
+* so we will break the data up into lines by \r and/or \n then if needed we will break each of those into
-* characters on a single line so we will break the data up
+* smaller lines to fit within the limit.
-* into lines by \r and/or \n then if needed we will break
+* We will also look for lines that start with a '.' and prepend an additional '.'.
-* each of those into smaller lines to fit within the limit.
+* NOTE: this does not count towards line-length limit.
-* in addition we will be looking for lines that start with
-* a period '.' and append and additional period '.' to that
-* line. NOTE: this does not count towards limit.
 */
-// Normalize the line breaks before exploding
+// Normalize line breaks before exploding
-$msg_data = str_replace("\r\n", "\n", $msg_data);
+$lines = explode("\n", str_replace(array("\r\n", "\r"), "\n", $msg_data));
-$msg_data = str_replace("\r", "\n", $msg_data);
-$lines = explode("\n", $msg_data);
+/* To distinguish between a complete RFC822 message and a plain message body, we check if the first field
+* of the first line (':' separated) does not contain a space then it _should_ be a header and we will
-/* We need to find a good way to determine if headers are
+* process all lines before a blank line as headers.
-* in the msg_data or if it is a straight msg body
-* currently I am assuming rfc822 definitions of msg headers
-* and if the first field of the first line (':' separated)
-* does not contain a space then it _should_ be a header
-* and we can process all lines before a blank "" line as
-* headers.
 */
 $field = substr($lines[0], 0, strpos($lines[0], ':'));
 $in_headers = false;
-if (!empty($field) && !strstr($field, ' ')) {
+if (!empty($field) && strpos($field, ' ') === false) {
 $in_headers = true;
 }
-//RFC 2822 section 2.1.1 limit
-$max_line_length = 998;
 foreach ($lines as $line) {
-$lines_out = null;
+$lines_out = array();
-if ($line == '' && $in_headers) {
+if ($in_headers and $line == '') {
 $in_headers = false;
 }
-// ok we need to break this line up into several smaller lines
+//Break this line up into several smaller lines if it's too long
-while (strlen($line) > $max_line_length) {
+//Micro-optimisation: isset($str[$len]) is faster than (strlen($str) > $len),
-$pos = strrpos(substr($line, 0, $max_line_length), ' ');
+while (isset($line[self::MAX_LINE_LENGTH])) {
+//Working backwards, try to find a space within the last MAX_LINE_LENGTH chars of the line to break on
-// Patch to fix DOS attack
+//so as to avoid breaking in the middle of a word
+$pos = strrpos(substr($line, 0, self::MAX_LINE_LENGTH), ' ');
+//Deliberately matches both false and 0
 if (!$pos) {
-$pos = $max_line_length - 1;
+//No nice break found, add a hard break
+$pos = self::MAX_LINE_LENGTH - 1;
 $lines_out[] = substr($line, 0, $pos);
 $line = substr($line, $pos);
 } else {
+//Break at the found point
 $lines_out[] = substr($line, 0, $pos);
+//Move along by the amount we dealt with
 $line = substr($line, $pos + 1);
 }
+//If processing headers add a LWSP-char to the front of new line RFC822 section 3.1.1
-/* If processing headers add a LWSP-char to the front of new line
-* rfc822 on long msg headers
-*/
 if ($in_headers) {
 $line = "\t" . $line;
 }
 }
 $lines_out[] = $line;
-// send the lines to the server
+//Send the lines to the server
-while (list(, $line_out) = @each($lines_out)) {
+foreach ($lines_out as $line_out) {
-if (strlen($line_out) > 0) {
+//RFC2821 section 4.5.2
-if (substr($line_out, 0, 1) == '.') {
+if (!empty($line_out) and $line_out[0] == '.') {
 $line_out = '.' . $line_out;
-}
 }
 $this->client_send($line_out . self::CRLF);
 }
 }
-// Message data has been sent, complete the command
+//Message data has been sent, complete the command
-return $this->sendCommand('DATA END', '.', 250);
+//Increase timelimit for end of DATA command
+$savetimelimit = $this->Timelimit;
+$this->Timelimit = $this->Timelimit * 2;
+$result = $this->sendCommand('DATA END', '.', 250);
+//Restore timelimit
+$this->Timelimit = $savetimelimit;
+return $result;
 }
 /**
 * Send an SMTP HELO or EHLO command.
 * Used to identify the sending server to the receiving server.
 * This makes sure that client and server are in a known state.
-* Implements from RFC 821: HELO <SP> <domain> <CRLF>
+* Implements RFC 821: HELO <SP> <domain> <CRLF>
 * and RFC 2821 EHLO.
 * @param string $host The host name or IP to connect to
 * @access public
-* @return bool
+* @return boolean
 */
 public function hello($host = '')
 {
-// Try extended hello first (RFC 2821)
+//Try extended hello first (RFC 2821)
-if (!$this->sendHello('EHLO', $host)) {
+return (boolean)($this->sendHello('EHLO', $host) or $this->sendHello('HELO', $host));
-if (!$this->sendHello('HELO', $host)) {
-return false;
-}
-}
-return true;
 }
 /**
 * Send an SMTP HELO or EHLO command.
 * Low-level implementation used by hello()
 * @see hello()
 * @param string $hello The HELO string
-* @param string $host  The hostname to say we are
+* @param string $host The hostname to say we are
 * @access protected
-* @return bool
+* @return boolean
 */
 protected function sendHello($hello, $host)
 {
 $noerror = $this->sendCommand($hello, $hello . ' ' . $host, 250);
 $this->helo_rply = $this->last_reply;
+if ($noerror) {
+$this->parseHelloFields($hello);
+} else {
+$this->server_caps = null;
+}
 return $noerror;
+}
+/**
+* Parse a reply to HELO/EHLO command to discover server extensions.
+* In case of HELO, the only parameter that can be discovered is a server name.
+* @access protected
+* @param string $type - 'HELO' or 'EHLO'
+*/
+protected function parseHelloFields($type)
+{
+$this->server_caps = array();
+$lines = explode("\n", $this->helo_rply);
+foreach ($lines as $n => $s) {
+//First 4 chars contain response code followed by - or space
+$s = trim(substr($s, 4));
+if (empty($s)) {
+continue;
+}
+$fields = explode(' ', $s);
+if (!empty($fields)) {
+if (!$n) {
+$name = $type;
+$fields = $fields[0];
+} else {
+$name = array_shift($fields);
+switch ($name) {
+case 'SIZE':
+$fields = ($fields ? $fields[0] : 0);
+break;
+case 'AUTH':
+if (!is_array($fields)) {
+$fields = array();
+}
+break;
+default:
+$fields = true;
+}
+}
+$this->server_caps[$name] = $fields;
+}
+}
 }
 /**
 * Send an SMTP MAIL command.
 * Starts a mail transaction from the email address specified in
 * the mail transaction is started and then one or more recipient
 * commands may be called followed by a data command.
 * Implements rfc 821: MAIL <SP> FROM:<reverse-path> <CRLF>
 * @param string $from Source address of this message
 * @access public
-* @return bool
+* @return boolean
 */
 public function mail($from)
 {
 $useVerp = ($this->do_verp ? ' XVERP' : '');
 return $this->sendCommand(
 /**
 * Send an SMTP QUIT command.
 * Closes the socket if there is no error or the $close_on_error argument is true.
 * Implements from rfc 821: QUIT <CRLF>
-* @param bool $close_on_error Should the connection close if an error occurs?
+* @param boolean $close_on_error Should the connection close if an error occurs?
 * @access public
-* @return bool
+* @return boolean
 */
 public function quit($close_on_error = true)
 {
 $noerror = $this->sendCommand('QUIT', 'QUIT', 221);
-$e = $this->error; //Save any error
+$err = $this->error; //Save any error
 if ($noerror or $close_on_error) {
 $this->close();
-$this->error = $e; //Restore any error from the quit command
+$this->error = $err; //Restore any error from the quit command
 }
 return $noerror;
 }
 /**
 * Send an SMTP RCPT command.
-* Sets the TO argument to $to.
+* Sets the TO argument to $toaddr.
 * Returns true if the recipient was accepted false if it was rejected.
 * Implements from rfc 821: RCPT <SP> TO:<forward-path> <CRLF>
-* @param string $to The address the message is being sent to
+* @param string $address The address the message is being sent to
 * @access public
-* @return bool
+* @return boolean
 */
-public function recipient($to)
+public function recipient($address)
 {
 return $this->sendCommand(
-'RCPT TO ',
+'RCPT TO',
-'RCPT TO:<' . $to . '>',
+'RCPT TO:<' . $address . '>',
 array(250, 251)
 );
 }
 /**
 * Send an SMTP RSET command.
 * Abort any transaction that is currently in progress.
 * Implements rfc 821: RSET <CRLF>
 * @access public
-* @return bool True on success.
+* @return boolean True on success.
 */
 public function reset()
 {
 return $this->sendCommand('RSET', 'RSET', 250);
 }
 /**
 * Send a command to an SMTP server and check its return code.
-* @param string $command       The command name - not sent to the server
+* @param string $command The command name - not sent to the server
 * @param string $commandstring The actual command to send
-* @param int|array $expect     One or more expected integer success codes
+* @param integer|array $expect One or more expected integer success codes
 * @access protected
-* @return bool True on success.
+* @return boolean True on success.
 */
 protected function sendCommand($command, $commandstring, $expect)
 {
 if (!$this->connected()) {
-$this->error = array(
+$this->setError("Called $command without being connected");
-"error" => "Called $command without being connected"
+return false;
+}
+//Reject line breaks in all commands
+if (strpos($commandstring, "\n") !== false or strpos($commandstring, "\r") !== false) {
+$this->setError("Command '$command' contained line breaks");
+return false;
+}
+$this->client_send($commandstring . self::CRLF);
+$this->last_reply = $this->get_lines();
+// Fetch SMTP code and possible error code explanation
+$matches = array();
+if (preg_match("/^([0-9]{3})[ -](?:([0-9]\\.[0-9]\\.[0-9]) )?/", $this->last_reply, $matches)) {
+$code = $matches[1];
+$code_ex = (count($matches) > 2 ? $matches[2] : null);
+// Cut off error code from each response line
+$detail = preg_replace(
+"/{$code}[ -]".($code_ex ? str_replace('.', '\\.', $code_ex).' ' : '')."/m",
+'',
+$this->last_reply
+);
+} else {
+// Fall back to simple parsing if regex fails
+$code = substr($this->last_reply, 0, 3);
+$code_ex = null;
+$detail = substr($this->last_reply, 4);
+}
+$this->edebug('SERVER -> CLIENT: ' . $this->last_reply, self::DEBUG_SERVER);
+if (!in_array($code, (array)$expect)) {
+$this->setError(
+"$command command failed",
+$detail,
+$code,
+$code_ex
+);
+$this->edebug(
+'SMTP ERROR: ' . $this->error['error'] . ': ' . $this->last_reply,
+self::DEBUG_CLIENT
 );
 return false;
 }
-$this->client_send($commandstring . self::CRLF);
+$this->setError('');
-$reply = $this->get_lines();
-$code = substr($reply, 0, 3);
-if ($this->do_debug >= 2) {
-$this->edebug('SMTP -> FROM SERVER:' . $reply);
-}
-if (!in_array($code, (array)$expect)) {
-$this->last_reply = null;
-$this->error = array(
-"error" => "$command command failed",
-"smtp_code" => $code,
-"detail" => substr($reply, 4)
-);
-if ($this->do_debug >= 1) {
-$this->edebug(
-'SMTP -> ERROR: ' . $this->error['error'] . ': ' . $reply
-);
-}
-return false;
-}
-$this->last_reply = $reply;
-$this->error = null;
 return true;
 }
 /**
 * Send an SMTP SAML command.
 * will send the message to the users terminal if they are logged
 * in and send them an email.
 * Implements rfc 821: SAML <SP> FROM:<reverse-path> <CRLF>
 * @param string $from The address the message is from
 * @access public
-* @return bool
+* @return boolean
 */
 public function sendAndMail($from)
 {
-return $this->sendCommand("SAML", "SAML FROM:$from", 250);
+return $this->sendCommand('SAML', "SAML FROM:$from", 250);
 }
 /**
 * Send an SMTP VRFY command.
 * @param string $name The name to verify
 * @access public
-* @return bool
+* @return boolean
 */
 public function verify($name)
 {
-return $this->sendCommand("VRFY", "VRFY $name", array(250, 251));
+return $this->sendCommand('VRFY', "VRFY $name", array(250, 251));
 }
 /**
 * Send an SMTP NOOP command.
 * Used to keep keep-alives alive, doesn't actually do anything
 * @access public
-* @return bool
+* @return boolean
 */
 public function noop()
 {
-return $this->sendCommand("NOOP", "NOOP", 250);
+return $this->sendCommand('NOOP', 'NOOP', 250);
 }
 /**
 * Send an SMTP TURN command.
 * This is an optional command for SMTP that this class does not support.
-* This method is here to make the RFC821 Definition
+* This method is here to make the RFC821 Definition complete for this class
-* complete for this class and __may__ be implemented in future
+* and _may_ be implemented in future
 * Implements from rfc 821: TURN <CRLF>
 * @access public
-* @return bool
+* @return boolean
 */
 public function turn()
 {
-$this->error = array(
+$this->setError('The SMTP TURN command is not implemented');
-'error' => 'The SMTP TURN command is not implemented'
+$this->edebug('SMTP NOTICE: ' . $this->error['error'], self::DEBUG_CLIENT);
-);
-if ($this->do_debug >= 1) {
-$this->edebug('SMTP -> NOTICE: ' . $this->error['error']);
-}
 return false;
 }
 /**
 * Send raw data to the server.
 * @param string $data The data to send
 * @access public
-* @return int|bool The number of bytes sent to the server or FALSE on error
+* @return integer|boolean The number of bytes sent to the server or false on error
 */
 public function client_send($data)
 {
-if ($this->do_debug >= 1) {
+$this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT);
-$this->edebug("CLIENT -> SMTP: $data");
-}
 return fwrite($this->smtp_conn, $data);
 }
 /**
 * Get the latest error.
 * @return array
 */
 public function getError()
 {
 return $this->error;
+}
+/**
+* Get SMTP extensions available on the server
+* @access public
+* @return array|null
+*/
+public function getServerExtList()
+{
+return $this->server_caps;
+}
+/**
+* A multipurpose method
+* The method works in three ways, dependent on argument value and current state
+*   1. HELO/EHLO was not sent - returns null and set up $this->error
+*   2. HELO was sent
+*     $name = 'HELO': returns server name
+*     $name = 'EHLO': returns boolean false
+*     $name = any string: returns null and set up $this->error
+*   3. EHLO was sent
+*     $name = 'HELO'|'EHLO': returns server name
+*     $name = any string: if extension $name exists, returns boolean True
+*       or its options. Otherwise returns boolean False
+* In other words, one can use this method to detect 3 conditions:
+*  - null returned: handshake was not or we don't know about ext (refer to $this->error)
+*  - false returned: the requested feature exactly not exists
+*  - positive value returned: the requested feature exists
+* @param string $name Name of SMTP extension or 'HELO'|'EHLO'
+* @return mixed
+*/
+public function getServerExt($name)
+{
+if (!$this->server_caps) {
+$this->setError('No HELO/EHLO was sent');
+return null;
+}
+// the tight logic knot ;)
+if (!array_key_exists($name, $this->server_caps)) {
+if ($name == 'HELO') {
+return $this->server_caps['EHLO'];
+}
+if ($name == 'EHLO' || array_key_exists('EHLO', $this->server_caps)) {
+return false;
+}
+$this->setError('HELO handshake was used. Client knows nothing about server extensions');
+return null;
+}
+return $this->server_caps[$name];
 }
 /**
 * Get the last reply from the server.
 * @access public
 * @access protected
 * @return string
 */
 protected function get_lines()
 {
+// If the connection is bad, give up straight away
+if (!is_resource($this->smtp_conn)) {
+return '';
+}
 $data = '';
 $endtime = 0;
-// If the connection is bad, give up now
-if (!is_resource($this->smtp_conn)) {
-return $data;
-}
 stream_set_timeout($this->smtp_conn, $this->Timeout);
 if ($this->Timelimit > 0) {
 $endtime = time() + $this->Timelimit;
 }
 while (is_resource($this->smtp_conn) && !feof($this->smtp_conn)) {
 $str = @fgets($this->smtp_conn, 515);
-if ($this->do_debug >= 4) {
+$this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
-$this->edebug("SMTP -> get_lines(): \$data was \"$data\"");
+$this->edebug("SMTP -> get_lines(): \$str is  \"$str\"", self::DEBUG_LOWLEVEL);
-$this->edebug("SMTP -> get_lines(): \$str is \"$str\"");
-}
 $data .= $str;
-if ($this->do_debug >= 4) {
+// If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen
-$this->edebug("SMTP -> get_lines(): \$data is \"$data\"");
+if ((isset($str[3]) and $str[3] == ' ')) {
-}
-// if 4th character is a space, we are done reading, break the loop
-if (substr($str, 3, 1) == ' ') {
 break;
 }
 // Timed-out? Log and break
 $info = stream_get_meta_data($this->smtp_conn);
 if ($info['timed_out']) {
-if ($this->do_debug >= 4) {
+$this->edebug(
-$this->edebug(
+'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)',
-'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)'
+self::DEBUG_LOWLEVEL
 );
-}
 break;
 }
 // Now check if reads took too long
-if ($endtime) {
+if ($endtime and time() > $endtime) {
-if (time() > $endtime) {
+$this->edebug(
-if ($this->do_debug >= 4) {
+'SMTP -> get_lines(): timelimit reached ('.
-$this->edebug(
+$this->Timelimit . ' sec)',
-'SMTP -> get_lines(): timelimit reached ('
+self::DEBUG_LOWLEVEL
-. $this->Timelimit . ' sec)'
+);
-);
+break;
-}
-break;
-}
 }
 }
 return $data;
 }
 /**
 * Enable or disable VERP address generation.
-* @param bool $enabled
+* @param boolean $enabled
 */
 public function setVerp($enabled = false)
 {
 $this->do_verp = $enabled;
 }
 /**
 * Get VERP address generation mode.
-* @return bool
+* @return boolean
 */
 public function getVerp()
 {
 return $this->do_verp;
 }
 /**
+* Set error messages and codes.
+* @param string $message The error message
+* @param string $detail Further detail on the error
+* @param string $smtp_code An associated SMTP error code
+* @param string $smtp_code_ex Extended SMTP code
+*/
+protected function setError($message, $detail = '', $smtp_code = '', $smtp_code_ex = '')
+{
+$this->error = array(
+'error' => $message,
+'detail' => $detail,
+'smtp_code' => $smtp_code,
+'smtp_code_ex' => $smtp_code_ex
+);
+}
+/**
 * Set debug output method.
-* @param string $method The function/method to use for debugging output.
+* @param string|callable $method The name of the mechanism to use for debugging output, or a callable to handle it.
 */
 public function setDebugOutput($method = 'echo')
 {
 $this->Debugoutput = $method;
 }
 return $this->Debugoutput;
 }
 /**
 * Set debug output level.
-* @param int $level
+* @param integer $level
 */
 public function setDebugLevel($level = 0)
 {
 $this->do_debug = $level;
 }
 /**
 * Get debug output level.
-* @return int
+* @return integer
 */
 public function getDebugLevel()
 {
 return $this->do_debug;
 }
 /**
 * Set SMTP timeout.
-* @param int $timeout
+* @param integer $timeout
 */
 public function setTimeout($timeout = 0)
 {
 $this->Timeout = $timeout;
 }
 /**
 * Get SMTP timeout.
-* @return int
+* @return integer
 */
 public function getTimeout()
 {
 return $this->Timeout;
 }
+/**
+* Reports an error number and string.
+* @param integer $errno The error number returned by PHP.
+* @param string $errmsg The error message returned by PHP.
+*/
+protected function errorHandler($errno, $errmsg)
+{
+$notice = 'Connection: Failed to connect to server.';
+$this->setError(
+$notice,
+$errno,
+$errmsg
+);
+$this->edebug(
+$notice . ' Error number ' . $errno . '. "Error notice: ' . $errmsg,
+self::DEBUG_CONNECTION
+);
+}
+	/**
+	 * Will return the ID of the last smtp transaction based on a list of patterns provided
+	 * in SMTP::$smtp_transaction_id_patterns.
+	 * If no reply has been received yet, it will return null.
+	 * If no pattern has been matched, it will return false.
+	 * @return bool|null|string
+	 */
+	public function getLastTransactionID()
+	{
+		$reply = $this->getLastReply();
+		if (empty($reply)) {
+			return null;
+		}
+		foreach($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
+			if(preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
+				return $matches[1];
+			}
+		}
+		return false;
+}
 }

changeset 7	cf61fcea0001
parent 5	5e2f62d02dcd
child 9	177826044cd9